BREAKING CHANGE: Change how (podman image trust show) represents multiple requirements

Currently
- the output uses the first entry's type, even if the requirements are different
  (notably signedBy + sigstoreSIgned)
- all public keys IDs are collected to a single line, even if some of them
  are interchangeable, and some are required (e.g. two signedBy requirements
  could require an image to be signed by (redhatProd OR redhatBeta) AND (vendor1 OR vendor2)

So, stop collapsing the requirements, and return a separate entry for each one. Multiple
GPG IDs on a single line used to mean AND or OR, now they always mean AND.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

1 files changed, 7 insertions, 7 deletions

diff --git a/pkg/trust/trust.go b/pkg/trust/trust.go
index 7b1b798ca..5f292083f 100644
--- a/pkg/trust/trust.go
+++ b/pkg/trust/trust.go
@@ -96,21 +96,21 @@ func descriptionsOfPolicyRequirements(reqs []repoContent, template Policy, regis
 		}
 	}
 
-	entry := template
-	entry.Type = trustTypeDescription(reqs[0].Type)
-	uids := []string{}
 	for _, repoele := range reqs {
+		entry := template
+		entry.Type = trustTypeDescription(repoele.Type)
+
+		uids := []string{}
 		if len(repoele.KeyPath) > 0 {
 			uids = append(uids, idReader(repoele.KeyPath)...)
 		}
 		if len(repoele.KeyData) > 0 {
 			uids = append(uids, getGPGIdFromKeyData(idReader, repoele.KeyData)...)
 		}
+		entry.GPGId = strings.Join(uids, ", ")
+		entry.SignatureStore = lookasidePath
+		res = append(res, &entry)
 	}
-	entry.GPGId = strings.Join(uids, ", ")
-	entry.SignatureStore = lookasidePath
-
-	res = append(res, &entry)
 
 	return res
 }